- Add API to get privilege type.
It determines privilege type according to the given uid and package id
on the basis of ask policy white list per privacy and mdm black list.
- Add table for privacy white list.
It stores whitelist for ask policy and whether the privacy is user-settable or not.
Possible privacy option format is "*-{privacyA}-{privacyB}.." or "{privacyA}+{privacyB}+...".
If pkg should not be seen in privacy setting menu then set 'settable' flag to 0.
If 'settable' flag is set to 1 for the privacy or not exist for the privacy then then pkg privacy option is user-settable for that privacy.
Change-Id: I720e9f5abcf02c89b3a09238d5fbafe26bf8e044
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
ADD_DEFINITIONS("-DCLIENT_IPC_THREAD")
ADD_DEFINITIONS("-DUSE_IPC_EPOLL")
+MESSAGE("PROFILE = ${PROFILE}")
+IF("${PROFILE}" STREQUAL "wearable")
+ ADD_DEFINITIONS("-DENABLE_ASKUSER")
+ELSEIF("${PROFILE}" STREQUAL "mobile")
+ ADD_DEFINITIONS("-DENABLE_ASKUSER")
+ELSE()
+ ADD_DEFINITIONS("-DDISABLE_ASKUSER")
+ENDIF()
+
STRING(REGEX MATCH "([^.]*)" API_VERSION "${VERSION}")
ADD_DEFINITIONS("-DAPI_VERSION=\"$(API_VERSION)\"")
SET(pc_requires "glib-2.0")
INCLUDE(FindPkgConfig)
-pkg_check_modules(${fw_name} REQUIRED dlog pkgmgr-info glib-2.0 sqlite3)
+pkg_check_modules(${fw_name} REQUIRED dlog pkgmgr-info glib-2.0 sqlite3 libtzplatform-config)
FOREACH(flag ${${fw_name}_CFLAGS})
SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
ENDFOREACH(flag)
ADD_DEFINITIONS("-DPROFILE_TYPE_TV")
ENDIF()
-MESSAGE("PROFILE = ${PROFILE}")
-IF("${PROFILE}" STREQUAL "wearable")
- ADD_DEFINITIONS("-DENABLE_ASKUSER")
-ELSEIF("${PROFILE}" STREQUAL "mobile")
- ADD_DEFINITIONS("-DENABLE_ASKUSER")
-ELSE()
- ADD_DEFINITIONS("-DDISABLE_ASKUSER")
-ENDIF()
-
SET(CMAKE_EXE_LINKER_FLAGS "-Wl,--as-needed -Wl,--rpath=${LIBDIR}")
aux_source_directory(src SOURCES)
#define __PRIVILEGE_DB_MANAGER_H
#include <glib.h>
+#include "privilege_manager.h"
typedef struct {
int profile_id;
} privilege_info_db_row_s;
typedef enum {
+ PRIVILEGE_DB_TYPE_INFO = 0,
+ PRIVILEGE_DB_TYPE_MAPPING = 1,
+ PRIVILEGE_DB_TYPE_POLICY_RW = 2,
+ PRIVILEGE_DB_TYPE_POLICY_RO = 3,
+} privilege_db_type_e;
+
+typedef enum {
PRIVILEGE_DB_MANAGER_ERR_NONE = 0,
- PRIVILEGE_DB_NO_EXIST_RESULT = 1,
- PRIVILEGE_DB_MANAGER_ERR_CONNECTION_FAIL = 2,
- PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY = 3,
- PRIVILEGE_DB_MANAGER_ERR_OUT_OF_MEMORY = 4,
- PRIVILEGE_DB_MANAGER_ERR_INVALID_TYPE = 5,
- PRIVILEGE_DB_MANAGER_ERR_DB_BUSY_FAIL = 6,
- PRIVILEGE_DB_MANAGER_ERR_DB_CONSTRAINT_FAIL = 7,
- PRIVILEGE_DB_MANAGER_ERR_DB_FULL_FAIL = 8,
- PRIVILEGE_DB_MANAGER_ERR_DB_UPDATE_FAIL = 9,
- PRIVILEGE_DB_MANAGER_ERR_DB_NOENTRY = 1001 /* define error code to avoid conflict error code of sqlite_open */
+ PRIVILEGE_DB_NO_EXIST_RESULT = -1,
+ PRIVILEGE_DB_MANAGER_ERR_CONNECTION_FAIL = -2,
+ PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY = -3,
+ PRIVILEGE_DB_MANAGER_ERR_OUT_OF_MEMORY = -4,
+ PRIVILEGE_DB_MANAGER_ERR_INVALID_TYPE = -5,
+ PRIVILEGE_DB_MANAGER_ERR_DB_BUSY_FAIL = -6,
+ PRIVILEGE_DB_MANAGER_ERR_DB_CONSTRAINT_FAIL = -7,
+ PRIVILEGE_DB_MANAGER_ERR_DB_FULL_FAIL = -8,
+ PRIVILEGE_DB_MANAGER_ERR_DB_UPDATE_FAIL = -9,
+ PRIVILEGE_DB_MANAGER_ERR_DB_NOENTRY = -1001 /* define error code to avoid conflict error code of sqlite_open */
} privilege_db_manager_error_e;
typedef enum {
} privilege_db_manager_privilege_level_e;
typedef enum {
- PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_WRT = 0,
- PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_CORE = 1
+ PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_WRT = 0,
+ PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_CORE = 1
} privilege_db_manager_package_type_e;
#ifdef __cplusplus
int privilege_db_manager_is(char type, const char* privilege);
int privilege_db_manager_is_preloaded(const char* pkgid);
+
+/* privilege should be privacy privilege */
+int privilege_db_manager_is_privacy_white_list(const char* pkgid, const char* privilege);
+
+int privilege_db_manager_is_user_settable(const char* pkgid, const char* privacy);
+
int __privilege_db_manager_get_privacy_list(GList** privacy_list);
int __privilege_db_manager_get_privilege_list_by_privacy(const char* privacy, GList **privilege_list);
-int privilege_db_manager_get_privacy_by_privilege(const char* privilege, char** privacy);
-int privilege_db_manager_get_black_list(int uid, privilege_db_manager_package_type_e package_type, GList** privilege_list);
-int privilege_db_manager_set_black_list(int uid, privilege_db_manager_package_type_e pacakge_type, GList *privilege_list);
-int privilege_db_manager_unset_black_list(int uid, privilege_db_manager_package_type_e package_type, GList *privilege_list);
+int privilege_db_manager_get_privacy_by_privilege(const char* privilege, char** privacy_name);
+int privilege_db_manager_get_privacy_id_by_privilege(const char* privilege, int* privacy_id);
+int privilege_db_manager_get_privacy_id(const char* privacy, int *privacy_id);
+
+int privilege_db_manager_is_disabled_privilege(uid_t uid, const char* privilege);
+int privilege_db_manager_get_black_list(privilege_manager_policy_type_e policy_type, int uid, privilege_db_manager_package_type_e package_type, GList** privilege_list);
+int privilege_db_manager_set_black_list(privilege_manager_policy_type_e policy_type, int uid, privilege_db_manager_package_type_e pacakge_type, GList *privilege_list);
+int privilege_db_manager_unset_black_list(privilege_manager_policy_type_e policy_type, int uid, privilege_db_manager_package_type_e package_type, GList *privilege_list);
/* Return the number of black-listed privileges in given privilege list */
int privilege_db_manager_check_black_list(int uid, privilege_db_manager_package_type_e pacakge_type, GList *privilege_list);
EXPORT_API int privilege_info_is_privacy2(const char *label, const char *privilege);
/**
+ * @brief Determines whether the privacy of given pkgid is user-settable
+ * @param [in] pkgid The package id
+ * @param [in] privacy The privacy name
+ * @return 1 if true, 0 if false, and -1 on error
+ */
+EXPORT_API int privilege_info_is_user_settable(const char *pkgid, const char *privacy);
+
+/**
+ * @brief Gets the type of given privilege on the basis of privacy whitelist and blacklist disabled list
+ * @param [in] uid The uid
+ * @param [in] pkgid The package id
+ * @param [in] privilege The privilege
+ * @param [out] type The type of privilege
+ * @return 0 on success, otherwise a nonzero error value.
+ * @retval #PRVMGR_ERR_NONE Successful
+ * @retval #PRVMGR_ERR_INVALID_PARAMETER Invalid parameter
+ * @retval #PRVMGR_ERR_INTERNAL_ERROR Internal error
+ */
+EXPORT_API int privilege_info_get_privilege_type(uid_t uid, const char* pkgid, const char* privilege, privilege_manager_privilege_type_e *type);
+
+/**
* @brief Gets all privacy list.
* @remarks @a privacy_list must be released with g_list_free() by you.
* @param [out] privacy_list The privacy list
*/
#ifndef __TIZEN_SECURITY_PRIVILEGE_INFO_TYPES_H
-#define __TIZEN_SECURITY_PRIVIELGE_INFO_TYPES_H
+#define __TIZEN_SECURITY_PRIVILEGE_INFO_TYPES_H
#ifdef __cplusplus
extern "C" {
*/
typedef enum {
PRVMGR_ERR_NONE = 0,
- PRVMGR_ERR_INVALID_PARAMETER = 1,
- PRVMGR_ERR_OUT_OF_MEMORY = 2,
- PRVMGR_ERR_INTERNAL_ERROR = 3,
- PRVMGR_ERR_NO_DATA = 4,
- PRVMGR_ERR_NO_EXIST_PRIVILEGE = 5,
- PRVMGR_ERR_MISMACHED_PRIVILEGE_LEVEL = 6,
- PRVMGR_ERR_INVALID_PRIVILEGE = 7,
+ PRVMGR_ERR_INVALID_PARAMETER = -1,
+ PRVMGR_ERR_OUT_OF_MEMORY = -2,
+ PRVMGR_ERR_INTERNAL_ERROR = -3,
+ PRVMGR_ERR_NO_DATA = -4,
+ PRVMGR_ERR_NO_EXIST_PRIVILEGE = -5,
+ PRVMGR_ERR_MISMACHED_PRIVILEGE_LEVEL = -6,
+ PRVMGR_ERR_INVALID_PRIVILEGE = -7,
PRVMGR_ERR_INVALID_METADATA = PRVMGR_ERR_INVALID_PRIVILEGE,
- PRVMGR_ERR_DEPRECATED_PRIVILEGE = 8,
- PRVMGR_ERR_USING_BANNED_PRIVILEGE = 9,
+ PRVMGR_ERR_DEPRECATED_PRIVILEGE = -8,
+ PRVMGR_ERR_USING_BANNED_PRIVILEGE = -9,
} privilege_manager_error_e;
typedef enum {
+ PRIVILEGE_MANAGER_PRIVILEGE_TYPE_NORMAL, /* not privacy, not blacklisted by mdm */
+ PRIVILEGE_MANAGER_PRIVILEGE_TYPE_PRIVACY, /* privacy (privacy privilege must not blacklisted by mdm) */
+ PRIVILEGE_MANAGER_PRIVILEGE_TYPE_BLACKLIST, /* blacklisted by mdm(disabled by security-manager when policy is set) */
+ PRIVILEGE_MANAGER_PRIVILEGE_TYPE_MAX
+} privilege_manager_privilege_type_e;
+
+typedef enum {
+ PRIVILEGE_MANAGER_POLICY_TYPE_PREVENT,
+ PRIVILEGE_MANAGER_POLICY_TYPE_DISABLE,
+} privilege_manager_policy_type_e;
+
+typedef enum {
PRVMGR_PACKAGE_VISIBILITY_PUBLIC = 1 << 1,
PRVMGR_PACKAGE_VISIBILITY_PARTNER = 1 << 2,
PRVMGR_PACKAGE_VISIBILITY_PLATFORM = 1 << 3,
target_profile=$1
preloaded="$target_profile""_preloaded.list"
+PRIVACYLIST_CSV="privacylist.csv"
+PRIVACY_WHITELIST_CSV="$target_profile""_privacy_whitelist.csv"
echo "Creating PRIVILEGE_INFO table ..."
-sqlite3 $DB_NAME "CREATE TABLE PRIVILEGE_INFO (PROFILE_ID NUMERIC, PROFILE TEXT, PACKAGE_TYPE_ID NUMERIC, PACKAGE_TYPE TEXT, PRIVILEGE_LEVEL_ID NUMERIC, PRIVILEGE_LEVEL TEXT, API_VERSION_ISSUED TEXT, API_VERSION_EXPIRED TEXT, DOCUMENTED INTEGER, PRIVILEGE_NAME TEXT, IS_PRIVACY NUMERIC, PRIVACY_GROUP TEXT, PRIVILEGE_DISPLAY TEXT, PRIVILEGE_DESCRIPTION TEXT, PRIVILEGE_GROUP_ID NUMERIC, PRIVLEGE_GROUP TEXT, CHANGED_TO_2_3_1 TEXT, CHANGED_TO_2_4_0 TEXT);"
+sqlite3 $DB_NAME "CREATE TABLE PRIVILEGE_INFO (PROFILE_ID NUMERIC, PROFILE TEXT, PACKAGE_TYPE_ID NUMERIC, PACKAGE_TYPE TEXT, PRIVILEGE_LEVEL_ID NUMERIC, PRIVILEGE_LEVEL TEXT, API_VERSION_ISSUED TEXT, API_VERSION_EXPIRED TEXT, DOCUMENTED INTEGER, PRIVILEGE_NAME TEXT, IS_PRIVACY NUMERIC, PRIVACY_NAME TEXT, PRIVILEGE_DISPLAY TEXT, PRIVILEGE_DESCRIPTION TEXT, PRIVILEGE_GROUP_ID NUMERIC, PRIVLEGE_GROUP TEXT, CHANGED_TO_2_3_1 TEXT, CHANGED_TO_2_4_0 TEXT);"
echo "Create VALID_PRIVILEGE_INFO Table..."
-sqlite3 $DB_NAME "CREATE TABLE VALID_PRIVILEGE_INFO (PRIVILEGE_NAME TEXT UNIQUE, IS_PRIVACY NUMERIC, PRIVACY_GROUP TEXT, IS_INTERNAL NUMERIC);"
-
-echo "Create PRIVACY_INFO table..."
-sqlite3 $DB_NAME "CREATE TABLE PRIVACY_INFO (PRIVACY_GROUP TEXT UNIQUE, PRIVACY_DISPLAY TEXT);"
+sqlite3 $DB_NAME "CREATE TABLE VALID_PRIVILEGE_INFO (PRIVILEGE_NAME TEXT UNIQUE, IS_PRIVACY NUMERIC, PRIVACY_NAME TEXT, IS_INTERNAL NUMERIC);"
echo "Create PRELOADED table..."
sqlite3 $DB_NAME "CREATE TABLE PRELOADED (NAME TEXT)"
sqlite3 $DB_NAME "insert into preloaded values ('$NAME')"
done
-
-
for i in `cat core_privilege_info.csv`
do
temp=`echo $i | awk '/^#/'`
exit
fi
- PRIVACY_GROUP=`echo $i | cut -d "," -f 9`
+ PRIVACY_NAME=`echo $i | cut -d "," -f 9`
PRIVILEGE_DISPLAY=`echo $i | cut -d "," -f 11`
echo "Inserting $PRIVILEGE_NAME ..."
- sqlite3 $DB_NAME "insert into privilege_info values ( $PROFILE_ID, '$PROFILE', $PACKAGE_TYPE_ID, '$PACKAGE_TYPE', $PRIVILEGE_LEVEL_ID, '$PRIVILEGE_LEVEL', '$API_VERSION_ISSUED', '$API_VERSION_EXPIRED', '$DOCUMENTED', '$PRIVILEGE_NAME', '$IS_PRIVACY', '$PRIVACY_GROUP', '$PRIVILEGE_DISPLAY', '$PRIVILEGE_DESCRIPTION', $PRIVILEGE_GROUP_ID, '$PRIVILEGE_GROUP', '$CHANGED_TO_2_3_1', '$CHANGED_TO_2_4_0')"
- sqlite3 $DB_NAME "insert into valid_privilege_info (privilege_name, is_privacy, privacy_group, is_internal) values ('$PRIVILEGE_NAME', '$IS_PRIVACY', '$PRIVACY_GROUP', 0)"
+ sqlite3 $DB_NAME "insert into privilege_info values ( $PROFILE_ID, '$PROFILE', $PACKAGE_TYPE_ID, '$PACKAGE_TYPE', $PRIVILEGE_LEVEL_ID, '$PRIVILEGE_LEVEL', '$API_VERSION_ISSUED', '$API_VERSION_EXPIRED', '$DOCUMENTED', '$PRIVILEGE_NAME', '$IS_PRIVACY', '$PRIVACY_NAME', '$PRIVILEGE_DISPLAY', '$PRIVILEGE_DESCRIPTION', $PRIVILEGE_GROUP_ID, '$PRIVILEGE_GROUP', '$CHANGED_TO_2_3_1', '$CHANGED_TO_2_4_0')"
+ sqlite3 $DB_NAME "insert into valid_privilege_info (privilege_name, is_privacy, privacy_name, is_internal) values ('$PRIVILEGE_NAME', '$IS_PRIVACY', '$PRIVACY_NAME', 0)"
done
for internal_privilege in `cat internal_only.list`
do
echo "Inserting $internal_privilege ..."
- sqlite3 $DB_NAME "insert into valid_privilege_info (privilege_name, is_privacy, privacy_group, is_internal) values ('$internal_privilege', 0, 'N/A', 1)"
+ sqlite3 $DB_NAME "insert into valid_privilege_info (privilege_name, is_privacy, privacy_name, is_internal) values ('$internal_privilege', 0, 'N/A', 1)"
+done
+
+echo "Create PRIVACY_INFO table..."
+sqlite3 $DB_NAME "CREATE TABLE PRIVACY_INFO (PRIVACY_NAME TEXT UNIQUE, PRIVACY_ID NUMERIC, PRIVACY_DISPLAY TEXT);"
+echo "Insert into privacy_info ...."
+PRIVACY_ID=0
+for i in `cat $PRIVACYLIST_CSV`
+do
+ temp=`echo $i | awk '/^#/'`
+ if [ ! "$temp" = "" ]
+ then
+ continue
+ fi
+ PRIVACY_NAME=`echo $i | cut -d "," -f1`
+ PRIVACY_NAME_ONLY=`echo $PRIVACY_NAME | cut -d "/" -f5`
+ declare ${PRIVACY_NAME_ONLY}=$((PRIVACY_ID))
+ PRIVACY_DISPLAY=`echo $i | cut -d "," -f2`
+ echo "Insert $PRIVACY_NAME, PRIVACY_ID = $PRIVACY_ID "
+ sqlite3 $DB_NAME "insert into privacy_info (privacy_name, privacy_id, privacy_display) values ('$PRIVACY_NAME', $((PRIVACY_ID++)), '$PRIVACY_DISPLAY')"
+done
+
+echo "Create PRIVACY_WHITELIST table..."
+CREATE_WHITELIST_TABLE_QUERY="CREATE TABLE PRIVACY_WHITELIST (PKG_ID TEXT, PRIVACY_OPTION TEXT, SETTABLE TEXT);"
+sqlite3 $DB_NAME "$CREATE_WHITELIST_TABLE_QUERY"
+echo "insert into privacy_whiteliste ...."
+for i in `cat $PRIVACY_WHITELIST_CSV`
+do
+ temp=`echo $i | awk '/^#/'`
+ if [ ! "$temp" = "" ]
+ then
+ continue
+ fi
+ PKG_ID=`echo $i | cut -d "," -f1`
+ PRIVACY_OPTION=`echo $i | cut -d "," -f2`
+ #echo "first char ${PRIVACY_OPTION:0:1}"
+ IFS='-+ ' read -r -a array <<< $PRIVACY_OPTION
+ # init
+ TEMP=0
+ while [ $((TEMP)) -lt $((PRIVACY_ID)) ]
+ do
+ option_array[$((TEMP++))]=0
+ done
+ # privacy list set
+ for element in "${array[@]}"
+ do
+ if [ "$element" = "*" ]; then
+ TEMP=0
+ while [ $((TEMP)) -lt $PRIVACY_ID ]
+ do
+ option_array[$((TEMP++))]=1
+ done
+ else
+ if [ "${option_array[${element}]}" = "1" ]; then
+ option_array[${element}]=0
+ else
+ option_array[${element}]=1
+ fi
+ fi
+ done
+ SETTABLE=`echo $i | cut -d "," -f3`
+ # privacy option string
+ TEMP=0
+ PRIVACY_OPTION_STRING=""
+ while [ $((TEMP)) -lt $((PRIVACY_ID)) ]
+ do
+ PRIVACY_OPTION_STRING="$PRIVACY_OPTION_STRING""${option_array[$((TEMP++))]}"
+ done
+ echo "PKG_ID=$PKG_ID, PRIVACY_OPTION=$PRIVACY_OPTION_STRING, SETTABLE=$SETTABLE"
+ sqlite3 $DB_NAME "insert into privacy_whitelist values ('$PKG_ID', '$PRIVACY_OPTION_STRING', '$SETTABLE')"
done
-echo "Insert into PRIVACY_INFO"
-echo "http://tizen.org/privacy/account"
-sqlite3 $DB_NAME "insert into privacy_info (privacy_group, privacy_display) values ('http://tizen.org/privacy/account','IDS_ST_BODY_ACCOUNTS')"
-echo "http://tizen.org/privacy/bookmark"
-sqlite3 $DB_NAME "insert into privacy_info (privacy_group, privacy_display) values ('http://tizen.org/privacy/bookmark','IDS_BR_OPT_BOOKMARK')"
-echo "http://tizen.org/privacy/calendar"
-sqlite3 $DB_NAME "insert into privacy_info (privacy_group, privacy_display) values ('http://tizen.org/privacy/calendar','IDS_TPLATFORM_OPT_CALENDAR_ABB')"
-echo "http://tizen.org/privacy/call"
-sqlite3 $DB_NAME "insert into privacy_info (privacy_group, privacy_display) values ('http://tizen.org/privacy/call','IDS_ST_BODY_CALL')"
-echo "http://tizen.org/privacy/camera"
-sqlite3 $DB_NAME "insert into privacy_info (privacy_group, privacy_display) values ('http://tizen.org/privacy/camera','IDS_TPLATFORM_BODY_CAMERA')"
-echo "http://tizen.org/privacy/contacts"
-sqlite3 $DB_NAME "insert into privacy_info (privacy_group, privacy_display) values ('http://tizen.org/privacy/contacts','IDS_TPLATFORM_OPT_CONTACTS_ABB')"
-echo "http://tizen.org/privacy/location"
-sqlite3 $DB_NAME "insert into privacy_info (privacy_group, privacy_display) values ('http://tizen.org/privacy/location','IDS_TPLATFORM_OPT_LOCATION_T_LBS')"
-echo "http://tizen.org/privacy/message"
-sqlite3 $DB_NAME "insert into privacy_info (privacy_group, privacy_display) values ('http://tizen.org/privacy/message','IDS_ST_BODY_MESSAGE')"
-echo "http://tizen.org/privacy/microphone"
-sqlite3 $DB_NAME "insert into privacy_info (privacy_group, privacy_display) values ('http://tizen.org/privacy/microphone','IDS_TPLATFORM_MBODY_MICROPHONE')"
-echo "http://tizen.org/privacy/sensor"
-sqlite3 $DB_NAME "insert into privacy_info (privacy_group, privacy_display) values ('http://tizen.org/privacy/sensor','IDS_TPLATFORM_MBODY_SENSORS')"
-echo "http://tizen.org/privacy/userhistory"
-sqlite3 $DB_NAME "insert into privacy_info (privacy_group, privacy_display) values ('http://tizen.org/privacy/userhistory','IDS_TPLATFORM_MBODY_USER_HISTORY')"
--- /dev/null
+#PACKAGE_ID,#PRIVACY_OPTION,#SETTABLE
+attach-panel-camera,*-location,0
+attach-panel-document,*-location,0
+attach-panel-gallery,*-location,0
+attach-panel-voicerecorder,*-location,0
+cert-svc-ui,*-location,0
+hangul,*-location,0
+ise-default,*-location,0
+ise-engine-anthy,*-location,0
+ise-engine-default,*-location,0
+ise-engine-sunpinyin,*-location,0
+net.netpopup,*-location,0
+net.wifi-qs,*-location,0
+org.tizen.app-selector,*-location,0
+org.tizen.bluetooth-share-ui,*-location,0
+org.tizen.browser,*-location,0
+org.tizen.bt-syspopup,*-location,0
+org.tizen.calendar,*-location,0
+org.tizen.call-setting,*-location,0
+org.tizen.call-ui,*-location,0
+org.tizen.callmgr-popup,*-location,0
+org.tizen.camera-app,*-location,0
+org.tizen.chromium-efl,*-location,0
+org.tizen.contacts,*-location,0
+org.tizen.crash-syspopup,*-location,0
+org.tizen.d2d-conv-setting,*-location,0
+org.tizen.d2d-conv-syspopup,*-location,0
+org.tizen.download-manager,*-location,0
+org.tizen.dpm-syspopup,*-location,0
+org.tizen.dpm-toolkit,*-location,0
+org.tizen.email,*-location,0
+org.tizen.gallery,*-location,0
+org.tizen.gps-syspopup,*-location,0
+org.tizen.heremaps-uc,*-location,0
+org.tizen.homescreen-efl,*-location,0
+org.tizen.image-viewer,*-location,0
+org.tizen.indicator,*-location,0
+org.tizen.inputmethod-setting,*-location,0
+org.tizen.isf-kbd-mode-changer,*-location,0
+org.tizen.kaskit,*-location,0
+org.tizen.keyguard,*-location,0
+org.tizen.krate-setup-wizard,*-location,0
+org.tizen.lockscreen,*-location,0
+org.tizen.menu-screen,*-location,0
+org.tizen.message,*-location,0
+org.tizen.msg-manager,*-location,0
+org.tizen.music-player,*-location,0
+org.tizen.myfile,*-location,0
+org.tizen.myplace,*-location,0
+org.tizen.ode,*-location,0
+org.tizen.overheat-syspopup,*-location,0
+org.tizen.powerkey-syspopup,*-location,0
+org.tizen.privacy-setting,*-location,0
+org.tizen.quickpanel,*-location,0
+org.tizen.screen-reader,*-location,0
+org.tizen.service-plugin-sample,*-location,0
+org.tizen.setting,*-location,0
+org.tizen.setting-homescreen,*-location,0
+org.tizen.setting-location,*-location,0
+org.tizen.setting-notification,*-location,0
+org.tizen.settings-adid,*-location,0
+org.tizen.share-panel,*-location,0
+org.tizen.stt-engine-default,*-location,0
+org.tizen.sys-lock,*-location,0
+org.tizen.system-signal-sender,*-location,0
+org.tizen.system-syspopup,*-location,0
+org.tizen.task-mgr,*-location,0
+org.tizen.tts-engine-default,*-location,0
+org.tizen.ug-gallery-efl,*-location,0
+org.tizen.ug-lockscreen-options,*-location,0
+org.tizen.ug-myfile-efl,*-location,0
+org.tizen.videos,*-location,0
+org.tizen.voice-control-panel,*-location,0
+org.tizen.voice-setting,*-location,0
+org.tizen.volume,*-location,0
+org.tizen.wallpaper-ui-service,*-location,0
+org.tizen.widget_viewer_sdk,*-location,0
+org.tizen.wifi-direct-popup,*-location,0
+org.tizen.worldclock-efl,*-location,0
+setting-myaccount-efl,*-location,0
+table,*-location,0
+ug-bluetooth-efl,*-location,0
+ug-setting-mobileap-efl,*-location,0
+ug-setting-wifidirect-efl,*-location,0
+wifi-efl-ug,*-location,0
+org.tizen.memo,*-location,0
echo "Creating $DB_NAME ..."
touch $DB_NAME
-echo "Creating BLACK_LIST table ..."
-sqlite3 $DB_NAME "CREATE TABLE BLACK_LIST (UID NUMERIC, PACKAGE_TYPE NUMERIC , PRIVILEGE_NAME TEXT not null, UNIQUE(UID, PACKAGE_TYPE, PRIVILEGE_NAME));"
+echo "Creating PREVENT_LIST table ..."
+sqlite3 $DB_NAME "CREATE TABLE PREVENT_LIST (UID NUMERIC not null, PACKAGE_TYPE NUMERIC , PRIVILEGE_NAME TEXT not null, UNIQUE(UID, PACKAGE_TYPE, PRIVILEGE_NAME));"
+echo "Creating DISABLE_LIST table...."
+sqlite3 $DB_NAME "CREATE TABLE DISABLE_LIST (UID NUMERIC not null, PRIVILEGE_NAME TEXT not null, UNIQUE(UID, PRIVILEGE_NAME));"
+
+# for internal test
+#sqlite3 $DB_NAME "insert into disable_list values(0, 'http://tizen.org/privilege/yyyyy')"
echo "Check inserted data"
-sqlite3 $DB_NAME "select * from black_list"
+sqlite3 $DB_NAME "select * from prevent_list"
+sqlite3 $DB_NAME "select * from disable_list"
--- /dev/null
+#PRIVACY_ID,#PRIVACY_DISPLAY
+http://tizen.org/privacy/account,IDS_ST_BODY_ACCOUNTS
+http://tizen.org/privacy/bookmark,IDS_BR_OPT_BOOKMARK
+http://tizen.org/privacy/calendar,IDS_TPLATFORM_OPT_CALENDAR_ABB
+http://tizen.org/privacy/call,IDS_ST_BODY_CALL
+http://tizen.org/privacy/camera,IDS_TPLATFORM_BODY_CAMERA
+http://tizen.org/privacy/contacts,IDS_TPLATFORM_OPT_CONTACTS_ABB
+http://tizen.org/privacy/location,IDS_TPLATFORM_OPT_LOCATION_T_LBS
+http://tizen.org/privacy/message,IDS_ST_BODY_MESSAGE
+http://tizen.org/privacy/microphone,IDS_TPLATFORM_MBODY_MICROPHONE
+http://tizen.org/privacy/sensor,IDS_TPLATFORM_MBODY_SENSORS
+http://tizen.org/privacy/userhistory,IDS_TPLATFORM_MBODY_USER_HISTORY
echo "Creating $DB_NAME ..."
touch $DB_NAME
+PRIVACYLIST_CSV="privacylist.csv"
+
echo "Creating PRIVILEGE_INFO table ..."
-sqlite3 $DB_NAME "CREATE TABLE PRIVILEGE_INFO (PROFILE_ID NUMERIC, PROFILE TEXT, PACKAGE_TYPE_ID NUMERIC, PACKAGE_TYPE TEXT, PRIVILEGE_LEVEL_ID NUMERIC, PRIVILEGE_LEVEL TEXT, API_VERSION_ISSUED TEXT, API_VERSION_EXPIRED TEXT, DOCUMENTED INTEGER, PRIVILEGE_NAME TEXT, IS_PRIVACY NUMERIC, PRIVACY_GROUP TEXT, PRIVILEGE_DISPLAY TEXT, PRIVILEGE_DESCRIPTION TEXT, PRIVILEGE_GROUP_ID NUMERIC, PRIVLEGE_GROUP TEXT, CHANGED_TO_2_4_0 TEXT);"
+sqlite3 $DB_NAME "CREATE TABLE PRIVILEGE_INFO (PROFILE_ID NUMERIC, PROFILE TEXT, PACKAGE_TYPE_ID NUMERIC, PACKAGE_TYPE TEXT, PRIVILEGE_LEVEL_ID NUMERIC, PRIVILEGE_LEVEL TEXT, API_VERSION_ISSUED TEXT, API_VERSION_EXPIRED TEXT, DOCUMENTED INTEGER, PRIVILEGE_NAME TEXT, IS_PRIVACY NUMERIC, PRIVACY_NAME TEXT, PRIVILEGE_DISPLAY TEXT, PRIVILEGE_DESCRIPTION TEXT, PRIVILEGE_GROUP_ID NUMERIC, PRIVLEGE_GROUP TEXT, CHANGED_TO_2_3_1 TEXT, CHANGED_TO_2_4_0 TEXT);"
echo "Create VALID_PRIVILEGE_INFO Table..."
-sqlite3 $DB_NAME "CREATE TABLE VALID_PRIVILEGE_INFO (PRIVILEGE_NAME TEXT UNIQUE, IS_PRIVACY NUMERIC, PRIVACY_GROUP TEXT, IS_INTERNAL NUMERIC);"
-
-echo "Create PRIVACY_INFO table..."
-sqlite3 $DB_NAME "CREATE TABLE PRIVACY_INFO (PRIVACY_GROUP TEXT UNIQUE, PRIVACY_DISPLAY TEXT);"
+sqlite3 $DB_NAME "CREATE TABLE VALID_PRIVILEGE_INFO (PRIVILEGE_NAME TEXT UNIQUE, IS_PRIVACY NUMERIC, PRIVACY_NAME TEXT, IS_INTERNAL NUMERIC);"
echo "Inserting data ..."
IFS=$'\n'
exit
fi
- PRIVACY_GROUP=`echo $i | cut -d "," -f 9`
+ PRIVACY_NAME=`echo $i | cut -d "," -f 9`
PRIVILEGE_DISPLAY=`echo $i | cut -d "," -f 11`
echo "Inserting $PRIVILEGE_NAME ..."
- sqlite3 $DB_NAME "insert into privilege_info values ( $PROFILE_ID, '$PROFILE', $PACKAGE_TYPE_ID, '$PACKAGE_TYPE', $PRIVILEGE_LEVEL_ID, '$PRIVILEGE_LEVEL', '$API_VERSION_ISSUED', '$API_VERSION_EXPIRED', '$DOCUMENTED', '$PRIVILEGE_NAME', '$IS_PRIVACY', '$PRIVACY_GROUP', '$PRIVILEGE_DISPLAY', '$PRIVILEGE_DESCRIPTION', $PRIVILEGE_GROUP_ID, '$PRIVILEGE_GROUP', '$CHANGED_TO_2_4_0')"
- sqlite3 $DB_NAME "insert into valid_privilege_info (privilege_name, is_privacy, privacy_group, is_internal) values ('$PRIVILEGE_NAME', '$IS_PRIVACY', '$PRIVACY_GROUP', 0)"
+ sqlite3 $DB_NAME "insert into privilege_info values ( $PROFILE_ID, '$PROFILE', $PACKAGE_TYPE_ID, '$PACKAGE_TYPE', $PRIVILEGE_LEVEL_ID, '$PRIVILEGE_LEVEL', '$API_VERSION_ISSUED', '$API_VERSION_EXPIRED', '$DOCUMENTED', '$PRIVILEGE_NAME', '$IS_PRIVACY', '$PRIVACY_NAME', '$PRIVILEGE_DISPLAY', '$PRIVILEGE_DESCRIPTION', $PRIVILEGE_GROUP_ID, '$PRIVILEGE_GROUP', '$CHANGED_TO_2_3_1', '$CHANGED_TO_2_4_0')"
+ sqlite3 $DB_NAME "insert into valid_privilege_info (privilege_name, is_privacy, privacy_name, is_internal) values ('$PRIVILEGE_NAME', '$IS_PRIVACY', '$PRIVACY_NAME', 0)"
done
for internal_privilege in `cat internal_only.list`
do
echo "Inserting $internal_privilege ..."
- sqlite3 $DB_NAME "insert into valid_privilege_info (privilege_name, is_privacy, privacy_group, is_internal) values ('$internal_privilege', 0, 'N/A', 1)"
+ sqlite3 $DB_NAME "insert into valid_privilege_info (privilege_name, is_privacy, privacy_name, is_internal) values ('$internal_privilege', 0, 'N/A', 1)"
done
-echo "Insert into PRIVACY_INFO"
-echo "http://tizen.org/privacy/account"
-sqlite3 $DB_NAME "insert into privacy_info (privacy_group, privacy_display) values ('http://tizen.org/privacy/account','IDS_ST_BODY_ACCOUNTS')"
-echo "http://tizen.org/privacy/bookmark"
-sqlite3 $DB_NAME "insert into privacy_info (privacy_group, privacy_display) values ('http://tizen.org/privacy/bookmark','IDS_BR_OPT_BOOKMARK')"
-echo "http://tizen.org/privacy/calendar"
-sqlite3 $DB_NAME "insert into privacy_info (privacy_group, privacy_display) values ('http://tizen.org/privacy/calendar','IDS_TPLATFORM_OPT_CALENDAR_ABB')"
-echo "http://tizen.org/privacy/call"
-sqlite3 $DB_NAME "insert into privacy_info (privacy_group, privacy_display) values ('http://tizen.org/privacy/call','IDS_ST_BODY_CALL')"
-echo "http://tizen.org/privacy/camera"
-sqlite3 $DB_NAME "insert into privacy_info (privacy_group, privacy_display) values ('http://tizen.org/privacy/camera','IDS_TPLATFORM_BODY_CAMERA')"
-echo "http://tizen.org/privacy/contacts"
-sqlite3 $DB_NAME "insert into privacy_info (privacy_group, privacy_display) values ('http://tizen.org/privacy/contacts','IDS_TPLATFORM_OPT_CONTACTS_ABB')"
-echo "http://tizen.org/privacy/location"
-sqlite3 $DB_NAME "insert into privacy_info (privacy_group, privacy_display) values ('http://tizen.org/privacy/location','IDS_TPLATFORM_OPT_LOCATION_T_LBS')"
-echo "http://tizen.org/privacy/message"
-sqlite3 $DB_NAME "insert into privacy_info (privacy_group, privacy_display) values ('http://tizen.org/privacy/message','IDS_ST_BODY_MESSAGE')"
-echo "http://tizen.org/privacy/microphone"
-sqlite3 $DB_NAME "insert into privacy_info (privacy_group, privacy_display) values ('http://tizen.org/privacy/microphone','IDS_TPLATFORM_MBODY_MICROPHONE')"
-echo "http://tizen.org/privacy/sensor"
-sqlite3 $DB_NAME "insert into privacy_info (privacy_group, privacy_display) values ('http://tizen.org/privacy/sensor','IDS_TPLATFORM_MBODY_SENSORS')"
-echo "http://tizen.org/privacy/userhistory"
-sqlite3 $DB_NAME "insert into privacy_info (privacy_group, privacy_display) values ('http://tizen.org/privacy/userhistory','IDS_TPLATFORM_MBODY_USER_HISTORY')"
+echo "Create PRIVACY_INFO table..."
+sqlite3 $DB_NAME "CREATE TABLE PRIVACY_INFO (PRIVACY_NAME TEXT UNIQUE, PRIVACY_ID NUMERIC, PRIVACY_DISPLAY TEXT);"
+echo "Insert into privacy_info ...."
+PRIVACY_ID=0
+for i in `cat $PRIVACYLIST_CSV`
+do
+ temp=`echo $i | awk '/^#/'`
+ if [ ! "$temp" = "" ]
+ then
+ continue
+ fi
+ PRIVACY_NAME=`echo $i | cut -d "," -f1`
+ PRIVACY_NAME_ONLY=`echo $PRIVACY_NAME | cut -d "/" -f5`
+ declare ${PRIVACY_NAME_ONLY}=$((PRIVACY_ID))
+ PRIVACY_DISPLAY=`echo $i | cut -d "," -f2`
+ echo "Insert $PRIVACY_NAME, PRIVACY_ID = $PRIVACY_ID "
+ sqlite3 $DB_NAME "insert into privacy_info (privacy_name, privacy_id, privacy_display) values ('$PRIVACY_NAME', $((PRIVACY_ID++)), '$PRIVACY_DISPLAY')"
+done
--- /dev/null
+#PKG_ID,#PRIVACY_OPTION,#SETTABLE
+ise-default,*-location,0
+ise-engine-default,*-location,0
+org.tizen.alarm,*-location,0
+org.tizen.app-selector,*-location,0
+org.tizen.bluetooth,*-location,0
+org.tizen.bt-syspopup,*-location,0
+org.tizen.chromium-efl,*-location,0
+org.tizen.classic-watch,*-location,0
+org.tizen.crash-syspopup,*-location,0
+org.tizen.dpm-syspopup,*-location,0
+org.tizen.dpm-toolkit,*-location,0
+org.tizen.elm-demo-tizen-wearable,*-location,0
+org.tizen.heremaps-uc,*-location,0
+org.tizen.idle-clock-digital,*-location,0
+org.tizen.inputdelegator,*-location,0
+org.tizen.inputmethod-setting,*-location,0
+org.tizen.my-account,*-location,0
+org.tizen.nfc-setting-app,*-location,0
+org.tizen.ode,*-location,0
+org.tizen.powerkey-syspopup,*-location,0
+org.tizen.privacy-setting,*-location,0
+org.tizen.screen-reader,*-location,0
+org.tizen.stopwatch,*-location,0
+org.tizen.stt-engine-default,*-location,0
+org.tizen.system-syspopup,*-location,0
+org.tizen.task-mgr,*-location,0
+org.tizen.timer,*-location,0
+org.tizen.tts-engine-default,*-location,0
+org.tizen.w-home,*-location,0
+org.tizen.w-wifi,*-location,0
+org.tizen.watch-setting,*-location,0
+org.tizen.widget_viewer_sdk,*-location,0
+org.tizen.windicator,*-location,0
#ifdef __TIZEN__
#include <dlog.h>
+#include <tzplatform_config.h>
+#define GLOBAL_USER tzplatform_getuid(TZ_SYS_GLOBALAPP_USER)
#ifdef LOG_TAG
#undef LOG_TAG
#define LOG_TAG "PRIVILEGE_DB_MANAGER"
#define _LOGD(fmt, arg...)
#define _LOGW(fmt, arg...)
#define _LOGI(fmt, arg...)
+#define GLOBAL_USER 0
#endif
return returnValue; \
}
-int __initialize_db(char type, sqlite3 ** db, privilege_db_manager_package_type_e package_type)
+char* __get_policy_table(privilege_manager_policy_type_e policy_type)
+{
+ switch (policy_type) {
+ case (PRIVILEGE_MANAGER_POLICY_TYPE_PREVENT):
+ return "prevent_list";
+ case (PRIVILEGE_MANAGER_POLICY_TYPE_DISABLE):
+ default:
+ return "disable_list";
+ }
+}
+
+int __initialize_db(privilege_db_type_e type, sqlite3 ** db, privilege_db_manager_package_type_e package_type)
{
char *db_path = NULL;
int db_mode = SQLITE_OPEN_READONLY;
switch (type) {
- case 'i':
+ case PRIVILEGE_DB_TYPE_INFO:
if (package_type == PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_WRT)
db_path = PRIVILEGE_INFO_WRT_DB_PATH;
else
db_path = PRIVILEGE_INFO_CORE_DB_PATH;
break;
- case 'm':
+ case PRIVILEGE_DB_TYPE_MAPPING:
if (package_type == PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_WRT)
db_path = PRIVILEGE_MAPPING_WRT_DB_PATH;
else
db_path = PRIVILEGE_MAPPING_CORE_DB_PATH;
break;
- case 'u':
+ case PRIVILEGE_DB_TYPE_POLICY_RW:
db_mode = SQLITE_OPEN_READWRITE;
- case 'p':
+ case PRIVILEGE_DB_TYPE_POLICY_RO:
db_path = PRIVILEGE_POLICY_DB_PATH;
break;
default:
int ret = 0;
int count = 0;
- ret = __initialize_db('p', &db, package_type);
+ ret = __initialize_db(PRIVILEGE_DB_TYPE_POLICY_RO, &db, package_type);
if (ret != PRIVILEGE_DB_MANAGER_ERR_NONE)
return ret;
char *privilege_list_str = NULL;
ret = __make_privilege_list_str(privilege_list, &privilege_list_str);
_LOGD("check black list with uid = %d, package_type = %d, privilege_list = %s", uid, package_type, privilege_list_str);
- char *sql = sqlite3_mprintf("select distinct privilege_name from black_list where privilege_name in(%s)and uid=%d and package_type=%d", privilege_list_str, uid, package_type);
+ char *sql = sqlite3_mprintf("select distinct privilege_name from prevent_list where privilege_name in(%s)and uid=%d and package_type=%d", privilege_list_str, uid, package_type);
sqlite3_free(privilege_list_str);
TryReturn(sql != NULL, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] sqlite3_mprintf failed");
}
TryReturn(changed_to_version != NULL, , PRIVILEGE_DB_MANAGER_ERR_OUT_OF_MEMORY, "[PRIVILEGE_DB_MANAGER_ERR_OUT_OF_MEMORY] privilege_name's strdup is failed.");
- ret = __initialize_db('i', &db, package_type);
+ ret = __initialize_db(PRIVILEGE_DB_TYPE_INFO, &db, package_type);
if (ret != PRIVILEGE_DB_MANAGER_ERR_NONE)
return ret;
sqlite3_stmt *stmt = NULL;
int ret;
- ret = __initialize_db('m', &db, package_type);
+ ret = __initialize_db(PRIVILEGE_DB_TYPE_MAPPING, &db, package_type);
if (ret != PRIVILEGE_DB_MANAGER_ERR_NONE)
return ret;
{
sqlite3 *db = NULL;
sqlite3_stmt *stmt = NULL;
- int ret = __initialize_db('i', &db, PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_CORE);
+ int ret = __initialize_db(PRIVILEGE_DB_TYPE_INFO, &db, PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_CORE);
if (ret != PRIVILEGE_DB_MANAGER_ERR_NONE)
return ret;
- char *sql = sqlite3_mprintf("select privacy_display from privacy_info where privacy_group=%Q", privacy);
+ char *sql = sqlite3_mprintf("select privacy_display from privacy_info where privacy_name=%Q", privacy);
TryReturn(sql != NULL, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] sqlite3_mprintf failed");
ret = sqlite3_prepare_v2(db, sql, strlen(sql), &stmt, NULL);
if (ret != SQLITE_OK) {
sqlite3 *db = NULL;
sqlite3_stmt *stmt = NULL;
int ret;
- ret = __initialize_db('i', &db, package_type);
+ ret = __initialize_db(PRIVILEGE_DB_TYPE_INFO, &db, package_type);
if (ret != PRIVILEGE_DB_MANAGER_ERR_NONE)
return ret;
sqlite3 *db = NULL;
sqlite3_stmt *stmt = NULL;
int ret;
- ret = __initialize_db('i', &db, package_type);
+ ret = __initialize_db(PRIVILEGE_DB_TYPE_INFO, &db, package_type);
if (ret != PRIVILEGE_DB_MANAGER_ERR_NONE)
return ret;
sqlite3 *db = NULL;
sqlite3_stmt *stmt = NULL;
int ret;
- ret = __initialize_db('i', &db, package_type);
+ ret = __initialize_db(PRIVILEGE_DB_TYPE_INFO, &db, package_type);
if (ret != PRIVILEGE_DB_MANAGER_ERR_NONE)
return ret;
sqlite3 *db = NULL;
sqlite3_stmt *stmt = NULL;
int res = 0;
- int ret = __initialize_db('i', &db, PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_CORE);
+ int ret = __initialize_db(PRIVILEGE_DB_TYPE_INFO, &db, PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_CORE);
TryReturn(ret == PRIVILEGE_DB_MANAGER_ERR_NONE, , ret, "[PRIVILEGE_DB_MANAGER] DB INITIALIZE FAIL");
char *sql = sqlite3_mprintf("select privilege_name,is_privacy, is_internal from valid_privilege_info where privilege_name=%Q", privilege);
return res;
}
+/* TBD : Remove it */
int privilege_db_manager_is_preloaded(const char* pkgid)
{
sqlite3 *db = NULL;
sqlite3_stmt *stmt = NULL;
- int ret = __initialize_db('i', &db, PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_CORE);
+ int ret = __initialize_db(PRIVILEGE_DB_TYPE_INFO, &db, PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_CORE);
TryReturn(ret == PRIVILEGE_DB_MANAGER_ERR_NONE, , ret, "[PRIVILEGE_DB_MANAGER] DB INITIALIZE FAIL");
char *sql = sqlite3_mprintf("select * from preloaded where name=%Q", pkgid);
}
}
+int privilege_db_manager_is_privacy_white_list(const char* pkgid, const char* privilege)
+{
+#ifdef DISABLE_ASKUSER
+ return 1;
+#endif
+ sqlite3 *db = NULL;
+ sqlite3_stmt *stmt = NULL;
+ int ret = __initialize_db(PRIVILEGE_DB_TYPE_INFO, &db, PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_CORE);
+ TryReturn(ret == PRIVILEGE_DB_MANAGER_ERR_NONE, , ret, "[PRIVILEGE_DB_MANAGER] DB INITIALIZE FAIL");
+
+ int privacy_id = 0;
+ ret = privilege_db_manager_get_privacy_id_by_privilege(privilege, &privacy_id);
+ TryReturn(ret == PRIVILEGE_DB_MANAGER_ERR_NONE, , ret, "[PRIVILEGE_DB_MANAGER] privilege_db_manager_get_privacy_id_by_privilege failed");
+
+ char *sql = sqlite3_mprintf("select privacy_option from privacy_whitelist where pkg_id=%Q", pkgid);
+ TryReturn(sql != NULL, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] sqlite3_mprintf failed");
+
+ ret = sqlite3_prepare_v2(db, sql, strlen(sql), &stmt, NULL);
+ TryReturn(ret == SQLITE_OK, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] fail to prepare database : %s", sqlite3_errmsg(db));
+
+ int res = 0;
+ do {
+ ret = sqlite3_step(stmt);
+ if (ret == SQLITE_ROW) {
+ char* privacy_option = strdup((char *)sqlite3_column_text(stmt, 0));
+ TryReturn(privacy_option != NULL, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_OUT_OF_MEMORY, "[PRIVILEGE_DB_MANAGER] privacy_option strdup failed");
+ if (privacy_option[privacy_id] == '1') {
+ res = 1;
+ free(privacy_option);
+ break;
+ }
+ free(privacy_option);
+ }
+ } while (ret == SQLITE_ROW);
+
+ __finalize_db(db, stmt, sql);
+ return res;
+}
+
+int privilege_db_manager_is_user_settable(const char* pkgid, const char* privacy)
+{
+#ifdef DISABLE_ASKUSER
+ return 1;
+#endif
+ sqlite3 *db = NULL;
+ sqlite3_stmt *stmt = NULL;
+ int res = 1;
+ int ret = __initialize_db(PRIVILEGE_DB_TYPE_INFO, &db, PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_CORE);
+ TryReturn(ret == PRIVILEGE_DB_MANAGER_ERR_NONE, , ret, "[PRIVILEGE_DB_MANAGER] DB INITIALIZE FAIL");
+
+ int privacy_id = 0;
+ ret = privilege_db_manager_get_privacy_id(privacy, &privacy_id);
+ TryReturn(ret == PRIVILEGE_DB_MANAGER_ERR_NONE, , ret, "[PRIVILEGE_DB_MANAGER] privilege_db_manager_get_privacy_id failed");
+
+ char *sql = sqlite3_mprintf("select privacy_option, settable from privacy_whitelist where pkg_id=%Q", pkgid);
+ TryReturn(sql != NULL, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] sqlite3_mprintf failed");
+
+ ret = sqlite3_prepare_v2(db, sql, strlen(sql), &stmt, NULL);
+ TryReturn(ret == SQLITE_OK, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] fail to prepare database : %s", sqlite3_errmsg(db));
+
+ res = 1;
+ do {
+ ret = sqlite3_step(stmt);
+ if (ret == SQLITE_ROW) {
+ char* privacy_option = strdup((char *)sqlite3_column_text(stmt, 0));
+ TryReturn(privacy_option != NULL, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_OUT_OF_MEMORY, "[PRIVILEGE_DB_MANAGER] privacy_option strdup failed");
+ int settable_flag = (int)sqlite3_column_int(stmt, 1);
+ if (privacy_option[privacy_id] == '1' && settable_flag == 1) {
+ res = 1;
+ free(privacy_option);
+ break;
+ } else if (privacy_option[privacy_id] == '1' && settable_flag == 0) {
+ res = 0;
+ free(privacy_option);
+ break;
+ } else {
+ res = 1;
+ }
+ free(privacy_option);
+ }
+ } while (ret == SQLITE_ROW);
+
+ __finalize_db(db, stmt, sql);
+ return res;
+}
+
+int privilege_db_manager_is_disabled_privilege(uid_t uid, const char* privilege)
+{
+ sqlite3 *db = NULL;
+ sqlite3_stmt *stmt = NULL;
+ int ret = __initialize_db(PRIVILEGE_DB_TYPE_POLICY_RO, &db, PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_CORE);
+ TryReturn(ret == PRIVILEGE_DB_MANAGER_ERR_NONE, , ret, "[PRIVILEGE_DB_MANAGER] DB INITIALIZE FAIL. ret = %d", ret);
+
+ char *sql = sqlite3_mprintf("select * from disable_list where privilege_name=%Q and (uid=%d or uid=%d)", privilege, uid, GLOBAL_USER);
+ TryReturn(sql != NULL, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] sqlite3_mprintf failed");
+
+ ret = sqlite3_prepare_v2(db, sql, strlen(sql), &stmt, NULL);
+ TryReturn(ret == SQLITE_OK, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] fail to prepare database : %s", sqlite3_errmsg(db));
+
+ ret = sqlite3_step(stmt);
+ if (ret == SQLITE_ROW) {
+ _LOGD("%s is disabled for uid: %d", privilege, uid);
+ ret = 1;
+ } else {
+ _LOGD("%s is not disabled for uid: %d. ret = %s", privilege, uid, sqlite3_errmsg(db));
+ ret = 0;
+ }
+ __finalize_db(db, stmt, sql);
+ return ret;
+}
+
int __privilege_db_manager_get_privacy_list(GList **privacy_list)
{
sqlite3 *db = NULL;
sqlite3_stmt *stmt = NULL;
- int ret = __initialize_db('i', &db, PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_CORE);
+ int ret = __initialize_db(PRIVILEGE_DB_TYPE_INFO, &db, PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_CORE);
if (ret != PRIVILEGE_DB_MANAGER_ERR_NONE)
return ret;
- char *sql = sqlite3_mprintf("select DISTINCT privacy_group from privilege_info where is_privacy=1 order by privacy_group");
+ char *sql = sqlite3_mprintf("select DISTINCT privacy_name from privilege_info where is_privacy=1 order by privacy_name");
TryReturn(sql != NULL, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] sqlite3_mprintf failed");
ret = sqlite3_prepare_v2(db, sql, strlen(sql), &stmt, NULL);
if (ret != SQLITE_OK) {
{
sqlite3 *db = NULL;
sqlite3_stmt *stmt = NULL;
- int ret = __initialize_db('i', &db, PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_CORE);
+ int ret = __initialize_db(PRIVILEGE_DB_TYPE_INFO, &db, PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_CORE);
if (ret != PRIVILEGE_DB_MANAGER_ERR_NONE)
return ret;
- char *sql = sqlite3_mprintf("select distinct privilege_name from valid_privilege_info where is_privacy=1 and privacy_group=%Q", privacy);
+ char *sql = sqlite3_mprintf("select distinct privilege_name from valid_privilege_info where is_privacy=1 and privacy_name=%Q", privacy);
TryReturn(sql != NULL, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] sqlite3_mprintf failed");
ret = sqlite3_prepare_v2(db, sql, strlen(sql), &stmt, NULL);
if (ret != SQLITE_OK) {
}
-int privilege_db_manager_get_privacy_by_privilege(const char* privilege, char** privacy)
+int privilege_db_manager_get_privacy_by_privilege(const char* privilege, char** privacy_name)
{
sqlite3 *db = NULL;
sqlite3_stmt *stmt = NULL;
- int ret = __initialize_db('i', &db, PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_CORE);
+ int ret = __initialize_db(PRIVILEGE_DB_TYPE_INFO, &db, PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_CORE);
if (ret != PRIVILEGE_DB_MANAGER_ERR_NONE)
return ret;
- char *sql = sqlite3_mprintf("select privacy_group from valid_privilege_info where privilege_name=%Q", privilege);
+ char *sql = sqlite3_mprintf("select privacy_name from valid_privilege_info where privilege_name=%Q", privilege);
TryReturn(sql != NULL, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] sqlite3_mprintf failed");
ret = sqlite3_prepare_v2(db, sql, strlen(sql), &stmt, NULL);
if (ret != SQLITE_OK) {
return PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY;
}
ret = sqlite3_step(stmt);
- if (ret == SQLITE_ROW)
- *privacy = strdup((char*)sqlite3_column_text(stmt, 0));
+ if (ret == SQLITE_ROW) {
+ *privacy_name = strdup((char*)sqlite3_column_text(stmt, 0));
+ ret = PRIVILEGE_DB_MANAGER_ERR_NONE;
+ } else {
+ ret = PRIVILEGE_DB_NO_EXIST_RESULT;
+ }
__finalize_db(db, stmt, sql);
- return PRIVILEGE_DB_MANAGER_ERR_NONE;
+ return ret;
+}
+
+int privilege_db_manager_get_privacy_id_by_privilege(const char* privilege, int *privacy_id)
+{
+ sqlite3 *db = NULL;
+ sqlite3_stmt *stmt = NULL;
+ int ret = __initialize_db(PRIVILEGE_DB_TYPE_INFO, &db, PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_CORE);
+ if (ret != PRIVILEGE_DB_MANAGER_ERR_NONE)
+ return ret;
+
+ char *sql = sqlite3_mprintf("select privacy_id from privacy_info where privacy_name=(select privacy_name from valid_privilege_info where privilege_name=%Q)", privilege);
+ TryReturn(sql != NULL, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] sqlite3_mprintf failed");
+ ret = sqlite3_prepare_v2(db, sql, strlen(sql), &stmt, NULL);
+ if (ret != SQLITE_OK) {
+ _LOGE("[DB_FAIL] fail to prepare database : %s", sqlite3_errmsg(db));
+ __finalize_db(db, stmt, sql);
+ return PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY;
+ }
+ ret = sqlite3_step(stmt);
+ if (ret == SQLITE_ROW) {
+ int tmp = (int)sqlite3_column_int(stmt, 0);
+ _LOGD("privacy_id = %d", tmp);
+ *privacy_id = tmp;
+ ret = PRIVILEGE_DB_MANAGER_ERR_NONE;
+ } else {
+ ret = PRIVILEGE_DB_NO_EXIST_RESULT;
+ }
+
+ __finalize_db(db, stmt, sql);
+
+ return ret;
}
-int privilege_db_manager_get_black_list(int uid, privilege_db_manager_package_type_e package_type, GList **privilege_list)
+int privilege_db_manager_get_privacy_id(const char* privacy, int *privacy_id)
+{
+ sqlite3 *db = NULL;
+ sqlite3_stmt *stmt = NULL;
+ int ret = __initialize_db(PRIVILEGE_DB_TYPE_INFO, &db, PRIVILEGE_DB_MANAGER_PACKAGE_TYPE_CORE);
+ if (ret != PRIVILEGE_DB_MANAGER_ERR_NONE)
+ return ret;
+
+ char *sql = sqlite3_mprintf("select privacy_id from privacy_info where privacy_name=%Q", privacy);
+ TryReturn(sql != NULL, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] sqlite3_mprintf failed");
+ ret = sqlite3_prepare_v2(db, sql, strlen(sql), &stmt, NULL);
+ if (ret != SQLITE_OK) {
+ _LOGE("[DB_FAIL] fail to prepare database : %s", sqlite3_errmsg(db));
+ __finalize_db(db, stmt, sql);
+ return PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY;
+ }
+ ret = sqlite3_step(stmt);
+ if (ret == SQLITE_ROW) {
+ int tmp = (int)sqlite3_column_int(stmt, 0);
+ _LOGD("privacy_id = %d", tmp);
+ *privacy_id = tmp;
+ ret = PRIVILEGE_DB_MANAGER_ERR_NONE;
+ } else {
+ ret = PRIVILEGE_DB_NO_EXIST_RESULT;
+ }
+
+ __finalize_db(db, stmt, sql);
+
+ return ret;
+}
+
+
+int privilege_db_manager_get_black_list(privilege_manager_policy_type_e policy_type, int uid, privilege_db_manager_package_type_e package_type, GList **privilege_list)
{
sqlite3 *db = NULL;
sqlite3_stmt *stmt = NULL;
- int ret = __initialize_db('p', &db, package_type);
+ int ret = __initialize_db(PRIVILEGE_DB_TYPE_POLICY_RO, &db, package_type);
if (ret != PRIVILEGE_DB_MANAGER_ERR_NONE)
return ret;
- _LOGD("Get privilege_name from black_list where uid = %d, package_type = %d", uid, package_type);
- char* sql = sqlite3_mprintf("select privilege_name from black_list where uid=%d and package_type=%d", uid, package_type);
+ _LOGD("Get privilege_name from %s where uid = %d, package_type = %d", __get_policy_table(policy_type), uid, package_type);
+ char* sql = sqlite3_mprintf("select privilege_name from %Q where uid=%d and package_type=%d", __get_policy_table(policy_type), uid, package_type);
TryReturn(sql != NULL, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] sqlite3_mprintf failed");
ret = sqlite3_prepare_v2(db, sql, strlen(sql), &stmt, NULL);
if (ret != SQLITE_OK) {
return PRIVILEGE_DB_MANAGER_ERR_NONE;
}
-int privilege_db_manager_set_black_list(int uid, privilege_db_manager_package_type_e package_type, GList *privilege_list)
+int privilege_db_manager_set_black_list(privilege_manager_policy_type_e policy_type, int uid, privilege_db_manager_package_type_e package_type, GList *privilege_list)
{
sqlite3 *db = NULL;
sqlite3_stmt *stmt = NULL;
- int ret = __initialize_db('u', &db, package_type);
+ int ret = __initialize_db(PRIVILEGE_DB_TYPE_POLICY_RW, &db, package_type);
if (ret != PRIVILEGE_DB_MANAGER_ERR_NONE)
return ret;
GList *l = NULL;
for (l = privilege_list; l != NULL; l = l->next) {
char *privilege_name = (char *)l->data;
- _LOGD("insert uid = %d, package_type = %d, privilege_name = %s", uid, package_type, privilege_name);
- char* sql = sqlite3_mprintf("insert or ignore into black_list (uid, package_type, privilege_name) values (%d, %d, %Q)", uid, package_type, privilege_name);
+ _LOGD("insert into %s uid = %d, package_type = %d, privilege_name = %s", __get_policy_table(policy_type), uid, package_type, privilege_name);
+ char* sql = sqlite3_mprintf("insert or ignore into %Q (uid, package_type, privilege_name) values (%d, %d, %Q)", __get_policy_table(policy_type), uid, package_type, privilege_name);
TryReturn(sql != NULL, sqlite3_exec(db, "ROLLBACK TRANSACTION", NULL, NULL, NULL); __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] sqlite3_mprintf failed");
ret = sqlite3_prepare_v2(db, sql, strlen(sql), &stmt, NULL);
if (ret != SQLITE_OK) {
return PRIVILEGE_DB_MANAGER_ERR_NONE;
}
-int privilege_db_manager_unset_black_list(int uid, privilege_db_manager_package_type_e package_type, GList *privilege_list)
+int privilege_db_manager_unset_black_list(privilege_manager_policy_type_e policy_type, int uid, privilege_db_manager_package_type_e package_type, GList *privilege_list)
{
sqlite3 *db = NULL;
sqlite3_stmt *stmt = NULL;
- int ret = __initialize_db('u', &db, package_type);
+ int ret = __initialize_db(PRIVILEGE_DB_TYPE_POLICY_RW, &db, package_type);
if (ret != PRIVILEGE_DB_MANAGER_ERR_NONE)
return ret;
GList *l = NULL;
for (l = privilege_list; l != NULL; l = l->next) {
char *privilege_name = (char *)l->data;
- _LOGD("delete from black_list where uid = %d, package_type = %d, privilege_name = %s", uid, package_type, privilege_name);
- char* sql = sqlite3_mprintf("delete from black_list where uid=%d and package_type=%d and privilege_name=%Q", uid, package_type, privilege_name);
+ _LOGD("delete from %s where uid = %d, package_type = %d, privilege_name = %s", __get_policy_table(policy_type), uid, package_type, privilege_name);
+ char* sql = sqlite3_mprintf("delete from %Q where uid=%d and package_type=%d and privilege_name=%Q", __get_policy_table(policy_type), uid, package_type, privilege_name);
TryReturn(sql != NULL, sqlite3_exec(db, "ROLLBACK TRANSACTION", NULL, NULL, NULL); __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] sqlite3_mprintf failed");
ret = sqlite3_prepare_v2(db, sql, strlen(sql), &stmt, NULL);
if (ret != SQLITE_OK) {
#endif
}
+/* TBD: remove it */
int privilege_info_is_privacy2(const char* label, const char* privilege)
{
TryReturn(privilege != NULL, , PRVMGR_ERR_INVALID_PARAMETER, "[PRVMGR_ERR_INVALID_PARAMETER] privilege is NULL");
#endif
}
+int privilege_info_get_privilege_type(uid_t uid, const char* pkgid, const char* privilege, privilege_manager_privilege_type_e *type)
+{
+ TryReturn(pkgid != NULL && privilege != NULL, , PRVMGR_ERR_INVALID_PARAMETER, "[PRVMGR_ERR_INVALID_PARAMETER] pkgid or privilege is NULL");
+ int ret = PRVMGR_ERR_NONE;
+ LOGD("get privilege type for uid: <%d>, pkgid: <%s>, privilege: <%s>", uid, pkgid, privilege);
+ ret = privilege_db_manager_is('p', privilege);
+ if (ret == 1) {
+ ret = privilege_db_manager_is_privacy_white_list(pkgid, privilege);
+ if (ret == 1) {
+ *type = PRIVILEGE_MANAGER_PRIVILEGE_TYPE_NORMAL;
+ ret = PRVMGR_ERR_NONE;
+ } else if (ret == 0) {
+ *type = PRIVILEGE_MANAGER_PRIVILEGE_TYPE_PRIVACY;
+ ret = PRVMGR_ERR_NONE;
+ } else {
+ LOGE("privilege_db_manager_is_privacy_whitelist failed");
+ ret = PRVMGR_ERR_INTERNAL_ERROR;
+ }
+ } else if (ret == 0) { // not privacy -> check mdm black list
+ ret = privilege_db_manager_is_disabled_privilege(uid, privilege);
+ if (ret == 1) {
+ *type = PRIVILEGE_MANAGER_PRIVILEGE_TYPE_BLACKLIST;
+ ret = PRVMGR_ERR_NONE;
+ } else if (ret == 0) {
+ *type = PRIVILEGE_MANAGER_PRIVILEGE_TYPE_NORMAL;
+ ret = PRVMGR_ERR_NONE;
+ } else {
+ LOGE("privilege_db_manager_is_disabled_privilege failed");
+ ret = PRVMGR_ERR_INTERNAL_ERROR;
+ }
+ } else {
+ LOGE("privilege_db_manager_is failed");
+ ret = PRVMGR_ERR_INTERNAL_ERROR;
+ }
+ return ret;
+}
+
+int privilege_info_is_user_settable(const char* pkgid, const char* privacy)
+{
+ TryReturn(pkgid != NULL && privacy != NULL, , PRVMGR_ERR_INVALID_PARAMETER, "[PRVMGR_ERR_INVALID_PARAMETER] pkgid or privacy is NULL");
+ int ret = privilege_db_manager_is_user_settable(pkgid, privacy);
+ if (ret == 1)
+ return 1;
+ else if (ret == 0)
+ return 0;
+
+ if (ret == PRIVILEGE_DB_NO_EXIST_RESULT)
+ LOGE("%s is invalid privacy name", privacy);
+ else
+ LOGE("ret = %d", ret);
+
+ return -1;
+}
+
int privilege_info_is_valid(const char* privilege)
{
TryReturn(privilege != NULL, , PRVMGR_ERR_INVALID_PARAMETER, "[PRVMGR_ERR_INVALID_PARAMETER] privilege is NULL");
{
TryReturn(package_type == PRVMGR_PACKAGE_TYPE_WRT || package_type == PRVMGR_PACKAGE_TYPE_CORE, , PRVMGR_ERR_INVALID_PARAMETER, "[PRVMGR_ERR_INVALID_PARAMETER] package_type invalid!");
- int ret = privilege_db_manager_get_black_list(uid, package_type, privilege_list);
+ int ret = privilege_db_manager_get_black_list(PRIVILEGE_MANAGER_POLICY_TYPE_PREVENT, uid, package_type, privilege_list);
if (ret == PRIVILEGE_DB_MANAGER_ERR_NONE)
ret = PRVMGR_ERR_NONE;
else
{
TryReturn(privilege_list != NULL, , PRVMGR_ERR_INVALID_PARAMETER, "[PRVMGR_ERR_INVALID_PARAMETER] privilege_list is NULL.");
TryReturn(package_type == PRVMGR_PACKAGE_TYPE_WRT || package_type == PRVMGR_PACKAGE_TYPE_CORE, , PRVMGR_ERR_INVALID_PARAMETER, "[PRVMGR_ERR_INVALID_PARAMETER] Invalid package_type = %d.", package_type);
- int ret = privilege_db_manager_set_black_list(uid, package_type, privilege_list);
+ int ret = privilege_db_manager_set_black_list(PRIVILEGE_MANAGER_POLICY_TYPE_PREVENT, uid, package_type, privilege_list);
if (ret != PRIVILEGE_DB_MANAGER_ERR_NONE)
ret = PRVMGR_ERR_INTERNAL_ERROR;
return ret;
{
TryReturn(privilege_list != NULL, , PRVMGR_ERR_INVALID_PARAMETER, "[PRVMGR_ERR_INVALID_PARAMETER] privilege_list is NULL.");
TryReturn(package_type == PRVMGR_PACKAGE_TYPE_WRT || package_type == PRVMGR_PACKAGE_TYPE_CORE, , PRVMGR_ERR_INVALID_PARAMETER, "[PRVMGR_ERR_INVALID_PARAMETER] Invalid package_type = %d.", package_type);
- int ret = privilege_db_manager_unset_black_list(uid, package_type, privilege_list);
+ int ret = privilege_db_manager_unset_black_list(PRIVILEGE_MANAGER_POLICY_TYPE_PREVENT, uid, package_type, privilege_list);
if (ret != PRIVILEGE_DB_MANAGER_ERR_NONE)
ret = PRVMGR_ERR_INTERNAL_ERROR;
return ret;
}
+void __test_privilege_db_manager_get_privacy_by_privilege()
+{
+ int ret = 0;
+ int privacy_id = 100;
+ char* privacy_name = NULL;
+
+ __print_line();
+ printf("privilege: http://tizen.org/privilege/account.read\n");
+ printf("privacy: http://tizen.org/privacy/account\n");
+ ret = privilege_db_manager_get_privacy_by_privilege("http://tizen.org/privilege/account.read", &privacy_name);
+ ret = privilege_db_manager_get_privacy_id_by_privilege("http://tizen.org/privilege/account.read", &privacy_id);
+ printf("privacy name = %s, privacy_id = %d\n", privacy_name, privacy_id);
+ if (ret == 0 && !strcmp(privacy_name, "http://tizen.org/privacy/account") && privacy_id == 0) {
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail\n");
+ __color_to_origin();
+ }
+
+ free(privacy_name);
+ privacy_name = NULL;
+
+ __print_line();
+ printf("privilege: http://tizen.org/privilege/location\n");
+ printf("privacy: http://tizen.org/privacy/location\n");
+ ret = privilege_db_manager_get_privacy_by_privilege("http://tizen.org/privilege/location", &privacy_name);
+ ret = privilege_db_manager_get_privacy_id_by_privilege("http://tizen.org/privilege/location", &privacy_id);
+ printf("privacy name = %s, privacy_id = %d\n", privacy_name, privacy_id);
+ if (ret == 0 && !strcmp(privacy_name, "http://tizen.org/privacy/location") && privacy_id == 6) {
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail\n");
+ __color_to_origin();
+ }
+ free(privacy_name);
+ privacy_name = NULL;
+
+ __print_line();
+ printf("privilege: http://tizen.org/privilege/call\n");
+ printf("privacy: http://tizen.org/privacy/call\n");
+ ret = privilege_db_manager_get_privacy_by_privilege("http://tizen.org/privilege/call", &privacy_name);
+ ret = privilege_db_manager_get_privacy_id_by_privilege("http://tizen.org/privilege/call", &privacy_id);
+ printf("privacy name = %s, privacy_id = %d\n", privacy_name, privacy_id);
+ if (ret == 0 && !strcmp(privacy_name, "http://tizen.org/privacy/call") && privacy_id == 3) {
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail\n");
+ __color_to_origin();
+ }
+ free(privacy_name);
+ privacy_name = NULL;
+}
+
+void __test_privilege_db_manager_is_privacy_white_list()
+{
+ int ret = 0;
+
+ __print_line();
+ printf("pkgid: ise-default\n");
+ printf("privilege: http://tizen.org/privilege/call\n");
+ printf("is privacy whitelist\n");
+ ret = privilege_db_manager_is_privacy_white_list("ise-default", "http://tizen.org/privilege/call");
+ printf("ret = %d\n", ret);
+ if (ret == 1) {
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail\n");
+ __color_to_origin();
+ }
+
+ __print_line();
+ printf("pkgid: ise-default\n");
+ printf("privilege: http://tizen.org/privilege/location\n");
+ printf("is not privacy whitelist\n");
+ ret = privilege_db_manager_is_privacy_white_list("ise-default", "http://tizen.org/privilege/location");
+ printf("ret = %d\n", ret);
+#ifdef ENABLE_ASKUSER
+ if (ret == 0) {
+#else
+ if (ret == 1) {
+#endif
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail\n");
+ __color_to_origin();
+ }
+
+ __print_line();
+ printf("pkgid: ise-default\n");
+ printf("privilege: http://tizen.org/privilege/calendar.read\n");
+ printf("is privacy whitelist\n");
+ ret = privilege_db_manager_is_privacy_white_list("ise-default", "http://tizen.org/privilege/calendar.read");
+ printf("ret = %d\n", ret);
+ if (ret == 1) {
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail\n");
+ __color_to_origin();
+ }
+
+ __print_line();
+ printf("pkgid: orxxxxx\n");
+ printf("privilege: http://tizen.org/privilege/call\n");
+ printf("is not privacy whitelist\n");
+ ret = privilege_db_manager_is_privacy_white_list("orxxxxx", "http://tizen.org/privilege/call");
+ printf("ret = %d\n", ret);
+#ifdef ENABLE_ASKUSER
+ if (ret == 0) {
+#else
+ if (ret == 1) {
+#endif
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail\n");
+ __color_to_origin();
+ }
+
+}
+
+void __test_privilege_db_manager_is_disabled_privilege()
+{
+ int ret = 0;
+ __print_line();
+ printf("uid = 5001, privilege: http://tizen.org/privilege/xxxxx\n");
+ printf("is not disabled\n");
+ ret = privilege_db_manager_is_disabled_privilege(5001, "http://tizen.org/privilege/xxxxx");
+ printf("ret = %d\n", ret);
+ if (ret == 0) {
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail\n");
+ __color_to_origin();
+ }
+
+ __print_line();
+ printf("uid = 0, privilege: http://tizen.org/privilege/yyyyy\n");
+ printf("is disabled\n");
+ ret = privilege_db_manager_is_disabled_privilege(0, "http://tizen.org/privilege/yyyyy");
+ printf("ret = %d\n", ret);
+ if (ret == 1) {
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail\n");
+ __color_to_origin();
+ }
+
+ __print_line();
+}
+
+void __test_privilege_db_manager_get_privacy_id()
+{
+ int ret = 0;
+ int privacy_id = 100;
+
+ __print_line();
+ ret = privilege_db_manager_get_privacy_id("http://tizen.org/privacy/account", &privacy_id);
+ printf("privacy : http://tizen.org/privacy/account, privacy_id = %d\n", privacy_id);
+ if (ret == PRIVILEGE_DB_MANAGER_ERR_NONE && privacy_id == 0) {
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail\n");
+ __color_to_origin();
+ }
+
+ __print_line();
+ ret = privilege_db_manager_get_privacy_id("http://tizen.org/privacy/location", &privacy_id);
+ printf("privacy : http://tizen.org/privacy/location, privacy_id = %d\n", privacy_id);
+ if (ret == PRIVILEGE_DB_MANAGER_ERR_NONE && privacy_id == 6) {
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail\n");
+ __color_to_origin();
+ }
+ __print_line();
+}
+
+void __test_privilege_db_manager_is_user_settable()
+{
+ int ret = 0;
+
+ __print_line();
+ printf("pkgid: org.tizen.gps-syspopup\n");
+ printf("privilege: http://tizen.org/privacy/calendar\n");
+ printf("is not user-settable\n");
+ ret = privilege_db_manager_is_user_settable("org.tizen.gps-syspopup", "http://tizen.org/privacy/calendar");
+ printf("ret = %d\n", ret);
+ if (ret == 0) {
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail\n");
+ __color_to_origin();
+ }
+
+ __print_line();
+ printf("pkgid: org.tizen.gps-syspopup\n");
+ printf("privilege: http://tizen.org/privacy/location\n");
+ printf("is user-settable\n");
+ ret = privilege_db_manager_is_user_settable("org.tizen.gps-syspopup", "http://tizen.org/privacy/location");
+ printf("ret = %d\n", ret);
+ if (ret == 1) {
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail\n");
+ __color_to_origin();
+ }
+
+
+ __print_line();
+ printf("pkgid: org.tizen.xxxxxxx\n");
+ printf("privilege: http://tizen.org/privacy/location\n");
+ printf("is user-settable\n");
+ ret = privilege_db_manager_is_user_settable("org.tizen.xxxxxxx", "http://tizen.org/privacy/location");
+ printf("ret = %d\n", ret);
+ if (ret == 1) {
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail\n");
+ __color_to_origin();
+ }
+
+ __print_line();
+ printf("pkgid: org.tizen.xxxxxxx\n");
+ printf("privilege: http://tizen.org/privacy/xxxxx\n");
+ printf("is user-settable\n");
+ ret = privilege_db_manager_is_user_settable("org.tizen.xxxxxxx", "http://tizen.org/privacy/xxxxx");
+ printf("ret = %d\n", ret);
+ if (ret == PRIVILEGE_DB_NO_EXIST_RESULT) {
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail\n");
+ __color_to_origin();
+ }
+
+ __print_line();
+}
+
int main()
{
__tcinfo(function, "privilege_db_manager_get_privilege_list");
__tcinfo(function, "privilege_db_manager_get_privilege_description");
__test_privilege_db_manager_get_privilege_description();
+ __tcinfo(function, "privilege_db_manager_get_privacy_id_by_privilege, privilege_db_manager_get_privacy_by_privilege");
+ __test_privilege_db_manager_get_privacy_by_privilege();
+
+ __tcinfo(function, "privilege_db_manager_is_privacy_white_list");
+ __test_privilege_db_manager_is_privacy_white_list();
+
+ __tcinfo(function, "privilege_db_manager_is_disabled_privilege");
+ __test_privilege_db_manager_is_disabled_privilege();
+
+ __tcinfo(function, "privilege_db_manager_get_privacy_id");
+ __test_privilege_db_manager_get_privacy_id();
+
+ __tcinfo(function, "privilege_db_manager_is_user_settable");
+ __test_privilege_db_manager_is_user_settable();
+
__color_to_green();
printf("Test Complete\n");
printf("success : %d, ", success_cnt);
free(group_name);
}
-
+#ifdef ENABLE_ASKUSER
static void __test_privilege_info_is_privacy2()
{
-#ifndef PROFILE_TYPE_TV
int ret = 0;
printf("PRELOADED + NOT LOCATION PRIVACY -> ALLOW (not privacy)\n");
printf("Test FAILED. ret = %d\n", ret);
}
__print_line();
+}
+#endif
+
+static char* __get_privilege_type_string(privilege_manager_privilege_type_e type)
+{
+ switch (type) {
+ case PRIVILEGE_MANAGER_PRIVILEGE_TYPE_NORMAL:
+ return "PRIVILEGE_MANAGER_PRIVILEGE_TYPE_NORMAL";
+ case PRIVILEGE_MANAGER_PRIVILEGE_TYPE_PRIVACY:
+ return "PRIVILEGE_MANAGER_PRIVILEGE_TYPE_PRIVACY";
+ case PRIVILEGE_MANAGER_PRIVILEGE_TYPE_BLACKLIST:
+ return "PRIVILEGE_MANAGER_PRIVILEGE_TYPE_PRIVACY";
+ default:
+ return "None of privilege_manager_privilege_type_e";
+ }
+}
+static void __test_privilege_info_get_privilege_type()
+{
+ int ret = 0;
+ privilege_manager_privilege_type_e type;
+
+ __print_line();
+ printf("uid = 5001\n");
+ printf("pkgid = org.tizen.contacts\norg.tizen.contacts");
+ printf("privilege = http://tizen.org/privilege/internet\n");
+ printf("expected type = PRIVILEGE_MANAGER_PRIVILEGE_TYPE_NORMAL\n");
+ ret = privilege_info_get_privilege_type(5001, "org.tizen.contacts", "http://tizen.org/privilege/internet", &type);
+ if (ret == PRVMGR_ERR_NONE && type == PRIVILEGE_MANAGER_PRIVILEGE_TYPE_NORMAL) {
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail. ret = %s, type = %s\n", __get_result_string('m', ret), __get_privilege_type_string(type));
+ __color_to_origin();
+ }
+ __print_line();
+ printf("uid = 5001\n");
+ printf("pkgid = org.tizen.contacts\n");
+ printf("privilege = http://tizen.org/privilege/location\n");
+ ret = privilege_info_get_privilege_type(5001, "org.tizen.contacts", "http://tizen.org/privilege/location", &type);
+#ifdef DISABLE_ASKUSER
+ printf("expected type = PRIVILEGE_MANAGER_PRIVILEGE_TYPE_NORMAL\n");
+ if (ret == PRVMGR_ERR_NONE && type == PRIVILEGE_MANAGER_PRIVILEGE_TYPE_NORMAL) {
+#else
+ printf("expected type = PRIVILEGE_MANAGER_PRIVILEGE_TYPE_PRIVACY\n");
+ if (ret == PRVMGR_ERR_NONE && type == PRIVILEGE_MANAGER_PRIVILEGE_TYPE_PRIVACY) {
#endif
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail. ret = %s, type = %s\n", __get_result_string('m', ret), __get_privilege_type_string(type));
+ __color_to_origin();
+ }
+
+ __print_line();
+ printf("uid = 0\n");
+ printf("pkgid = org.tizen.testtest\n");
+ printf("privilege = http://tizen.org/privilege/yyyyy\n");
+ ret = privilege_info_get_privilege_type(0, "org.tizen.testtest", "http://tizen.org/privilege/yyyyy", &type);
+ printf("expected type = PRIVILEGE_MANAGER_PRIVILEGE_TYPE_BLACKLIST\n");
+ if (ret == PRVMGR_ERR_NONE && type == PRIVILEGE_MANAGER_PRIVILEGE_TYPE_BLACKLIST) {
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail. ret = %s, type = %s\n", __get_result_string('m', ret), __get_privilege_type_string(type));
+ __color_to_origin();
+ }
+
+ __print_line();
+ printf("uid = 5001\n");
+ printf("pkgid = NULL\n");
+ printf("privilege = \n");
+ ret = privilege_info_get_privilege_type(5001, NULL, NULL, &type);
+ printf("expected ret = PRVMGR_ERR_INVALID_PARAMETER\n");
+ if (ret == PRVMGR_ERR_INVALID_PARAMETER) {
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail. ret = %s, type = %s\n", __get_result_string('m', ret), __get_privilege_type_string(type));
+ __color_to_origin();
+ }
+
+ __print_line();
+ printf("uid = 5001\n");
+ printf("pkgid = org.tizen.testtest\n");
+ printf("privilege = http://tizen.org/privilege/yyyyy\n");
+ ret = privilege_info_get_privilege_type(5001, "org.tizen.testtest", "http://tizen.org/privilege/yyyyy", &type);
+ printf("expected type = PRIVILEGE_MANAGER_PRIVILEGE_TYPE_NORMAL\n");
+ if (ret == PRVMGR_ERR_NONE && type == PRIVILEGE_MANAGER_PRIVILEGE_TYPE_NORMAL) {
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail. ret = %s, type = %s\n", __get_result_string('m', ret), __get_privilege_type_string(type));
+ __color_to_origin();
+ }
+ __print_line();
}
+void __test_privilege_info_is_user_settable()
+{
+ int ret = 0;
+
+ __print_line();
+ printf("pkgid = ise-default\n");
+ printf("privacy = http://tizen.org/privacy/location\n");
+ ret = privilege_info_is_user_settable("ise-default", "http://tizen.org/privacy/location");
+ printf("is user settable\n");
+ if (ret == 1) {
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail. ret = %d", ret);
+ __color_to_origin();
+ }
+
+ __print_line();
+ printf("pkgid = ise-default\n");
+ printf("privacy = http://tizen.org/privacy/camera\n");
+ ret = privilege_info_is_user_settable("ise-default", "http://tizen.org/privacy/camera");
+ printf("is not user settable\n");
+ if (ret == 0) {
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail. ret = %d", ret);
+ __color_to_origin();
+ }
+
+ __print_line();
+ printf("pkgid = org.tizen.testtest\n");
+ printf("privacy = http://tizen.org/privacy/userhistory\n");
+ ret = privilege_info_is_user_settable("org.tizen.testtest", "http://tizen.org/privacy/userhistory");
+ printf("is user settable\n");
+ if (ret == 1) {
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail. ret = %d", ret);
+ __color_to_origin();
+ }
+
+ __print_line();
+ printf("pkgid = org.tizen.testtest\n");
+ printf("privacy = http://tizen.org/privacy/xxxxx\n");
+ ret = privilege_info_is_user_settable("org.tizen.testtest", "http://tizen.org/privacy/xxxxx");
+ printf("error must be occurred\n");
+ if (ret == -1) {
+ success_cnt++;
+ __color_to_green();
+ printf("success\n");
+ __color_to_origin();
+ } else {
+ fail_cnt++;
+ __color_to_red();
+ printf("fail. ret = %d", ret);
+ __color_to_origin();
+ }
+ __print_line();
+}
+
+
int main()
{
__tcinfo(function, "privilege_info_is_privacy");
__tcinfo(function, "privilege_info_get_privacy_display");
__test_privilege_info_get_privacy_display();
+#ifdef ENABLE_ASKUSER
__tcinfo(function, "privilege_info_is_privacy2");
__test_privilege_info_is_privacy2();
+#endif
+
+ __tcinfo(function, "privilege_info_get_privilege_type");
+ __test_privilege_info_get_privilege_type();
+
+ __tcinfo(function, "privilege_info_is_user_settable");
+ __test_privilege_info_is_user_settable();
__color_to_green();
printf("Test Complete\n");
projects / platform / core / security / privilege-checker.git / commitdiff